pike.git / lib / modules / SSL.pmod / Context.pike

version» Context lines:

pike.git/lib/modules/SSL.pmod/Context.pike:650:   // The client must only inlcude PSK suites when talking to a servers   // known to support it, or risk getting MITM attacks.      //! A context created for server side PSK use can optionally implement   //! get_psk_hint to return a hint string to be sent to the client. If   //! not implemented, or returning 0, no PSK hint will be sent.   optional string(8bit) get_psk_hint();      //! A context created for client side PSK use must implement a   //! get_psk_id method, which will be called with the server provided - //! hint, or 0 if no hint was sent. The method should return a key id + //! hint, or 0 if no hint was sent. Note that while there is an API + //! difference between no hint and a zero length hint, some PSK modes + //! are unable to send no hints. + //! + //! The method should return a key id   //! for the PSK, which will be sent to the server. If the hint is not   //! valid, 0 should be returned.   optional string(8bit) get_psk_id(string(8bit) hint);      //! A context created for PSK use must implement a get_psk method,   //! which will be called with the key id, and should return the key to   //! be used for the connection. If the id is not valid, 0 should be   //! returned.   optional string(8bit) get_psk(string(8bit) id);